In the back-end admin i gave him ability to change the password. Once the password is changed, i can't propertly logout or log in for that matter. I belive that the session is getting screwed when the password changed. Oddly enough even thou i close borwser ( IE & FireFox ) i can't login / logout propertly. I could use any login and password and enter the site.
Please keep in mind this is not very comples as are my php skills.
If you can help me with this that would be great.
Thank you.
Greg
index.php
Code: Select all
<?
session_start();
$_SESSION['valid_user'] = $valid_user;
include('connect.php');
if($username && $password)
{
$query = "SELECT * FROM user_auth WHERE username='$username' and password='$password'";
$result = mysql_query( $query, $link );
if (mysql_num_rows($result) == 1)
{
$valid_user = $username;
session_register("valid_user");
}
}
if(session_is_registered("valid_user"))
{
<!----------------------- HTML ----------------------- >
<!----------------------- END HTML ----------------------- >
}
else
{
if (isset($valid_user))
{
echo "<span class='maintext'><center><font color='#ff0000'>Invalid Login.</center></span>";
}
}
?>logout.php
Code: Select all
<?
session_start();
$valid_user = $old_user;
$result = session_unregister("valid_user");
session_destroy();
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Logout</title>
<link href="../style.css" rel="stylesheet" type="text/css" />
<style type="text/css">
<!--
body {
background-color: #FFFFFF;
}
.style1 {color: #CC0000}
.style2 {color: #000000}
-->
</style></head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
<?
if(!empty($old_user))
{
if($result)
{
echo "Logout successful !. Thank you. ";
}
else
{
echo "Cound't log you out !";
}
}
else
{
echo "Shouldn't be here !!!";
}
?>
</body>
</html>